Wednesday, 26 October 2011

Unix on hypervisors, what have you done for us, lately?

Unix might be considered to be a successful operating system now, dominating the server side market via Linux and increasingly in peoples pockets through Android and iOS.

Conceived at the birth of big timeshare systems, Unix contains many design decisions that were acceptable then, but now seem somewhat archaic, especially when we compare them to the actual use now. I'll focus on one specific aspect - multiple applications per Unix instance.

A very common (2011) paradigm is to deploy multiple Unix instances per hypervisor, with the hypervisor taking the lions share of responsibility for scheduling and isolation. The irony lies in these being the specific things that Unix is supposed to be good at!

I personally lay the blame at the feet of cowardly system administrators unwilling to take a risk with an operating system they claim to love, retreating into the mystical protection of a hypervisor. Or at the feet of "best practice" which leads to avoiding anything approaching accepting adult responsibility for what happens on a machine.

A more charitable view is that the nature of workloads actually changed between the 1990s and the 2000s, as did the nature of the machines that ran them and the expectations of the cost of those workloads. The fact remains that if we are now using purpose built hypervisors to offload responsibility from the client OS, what is that client OS now doing?

As alternatives - BEA had a tilt at running Java straight on hypervisor supervised virtual machines, IBM's VM OS has a very light weight OS (CMS) that runs on its hypervisor and there's no shortage of smaller, lighter implementations of Unix like OSes. Amazon via Elastic Beanstalk and Google through their app server have shown us that we probably don't care in the end what is actually running underneath our apps.

I quite like aspects of the Unix architecture - but its a general purpose OS thats being increasingly used for a single purpose. If you can't trust it to isolate processes from each other and prioritise those processes, what can you trust it for?

So, Unix on hypervisors, what have you done for us, lately?

No comments: